Date: Wed, 19 Feb 2025 10:41:45 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: da64fc8609d5 - main - pflog: ensure we can't read outside V_pflogifs Message-ID: <202502191041.51JAfjUi035540@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=da64fc8609d53e3b72529c32b76bf1c29bb48e23 commit da64fc8609d53e3b72529c32b76bf1c29bb48e23 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-02-14 08:07:02 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-02-19 10:41:10 +0000 pflog: ensure we can't read outside V_pflogifs Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/if_pflog.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sys/netpfil/pf/if_pflog.c b/sys/netpfil/pf/if_pflog.c index 7c9baaeaba76..016ff96b02b4 100644 --- a/sys/netpfil/pf/if_pflog.c +++ b/sys/netpfil/pf/if_pflog.c @@ -251,6 +251,9 @@ pflog_packet(uint8_t action, u_int8_t reason, if (rm == NULL || pd == NULL) return (1); + if (rm->logif > V_npflogifs) + return (0); + ifn = V_pflogifs[rm->logif]; if (ifn == NULL || !bpf_peers_present(ifn->if_bpf)) return (0);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202502191041.51JAfjUi035540>